package org.akaza.openclinica.designer.core;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:WEB-INF/classes/org/akaza/openclinica/designer/core/RequestFilter.class */
public class RequestFilter extends OncePerRequestFilter {
    private static final String SESSION_KEY_PROVIDER_USER = "providerUser";
    private static final String SESSION_KEY_PROVIDER_HOST = "providerHost";
    private static final String REQUEST_KEY_PROVIDER_USER = "provider_user";
    private static final String REQUEST_KEY_PROVIDER_HOST = "host";

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession();
        if (doesSessionHaveUserAndHost(session).booleanValue() && doesRequestHaveUserAndHost(httpServletRequest).booleanValue() && !areUserAndHostInRequestSameAsUserAndHostInSession(session, httpServletRequest).booleanValue()) {
            session.invalidate();
            httpServletRequest.getSession(true);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private Boolean doesSessionHaveUserAndHost(HttpSession httpSession) {
        return (((String) httpSession.getAttribute(SESSION_KEY_PROVIDER_USER)) == null || ((String) httpSession.getAttribute(SESSION_KEY_PROVIDER_HOST)) == null) ? false : true;
    }

    private Boolean doesRequestHaveUserAndHost(HttpServletRequest httpServletRequest) {
        return (httpServletRequest.getParameter(REQUEST_KEY_PROVIDER_USER) == null || httpServletRequest.getParameter(REQUEST_KEY_PROVIDER_HOST) == null) ? false : true;
    }

    private Boolean areUserAndHostInRequestSameAsUserAndHostInSession(HttpSession httpSession, HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(REQUEST_KEY_PROVIDER_USER);
        String str = (String) httpSession.getAttribute(SESSION_KEY_PROVIDER_USER);
        String parameter2 = httpServletRequest.getParameter(REQUEST_KEY_PROVIDER_HOST);
        String str2 = (String) httpSession.getAttribute(SESSION_KEY_PROVIDER_HOST);
        return Boolean.valueOf(str != null && parameter != null && parameter.equals(str)).booleanValue() && Boolean.valueOf(str2 != null && parameter2 != null && parameter2.equals(str2)).booleanValue();
    }
}
